Incident Response

Use Windows event logs for ransomware investigations, JPCERT/CC advises

Don't miss, Hot stuff, Incident Response, logging, News, Ransomware, Windows /

Use Windows event logs for ransomware investigations, JPCERT/CC advises 2024-10-01 at 13:46 By Zeljka Zorz The JPCERT Coordination Center – the first Computer Security Incident Response Team established in Japan – has compiled a list of entries in Windows event logs that could help enterprise defenders respond to human-operated ransomware attacks and potentially limit the […]

React to this headline:

Loading spinner

Use Windows event logs for ransomware investigations, JPCERT/CC advises Read More »

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

BSOD, buggy update, CrowdStrike, Featured, Incident Response, Microsoft, Windows /

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes 2024-09-24 at 23:16 By Ryan Naraine CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident. The post CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes Read More »

Organizations are changing cybersecurity providers in wake of Crowdstrike outage

business continuity, CrowdStrike, cyber risk, cybersecurity, disruption, Don't miss, Europe, Germany, Hot stuff, Incident Response, News, procurement /

Organizations are changing cybersecurity providers in wake of Crowdstrike outage 2024-09-23 at 15:46 By Zeljka Zorz More often than not, a cyber attack or a cyber incident that results in business disruption will spur organizations to make changes to improve their cybersecurity and cyber resilience – and sometimes that means changing cybersecurity providers. The recent

React to this headline:

Loading spinner

Organizations are changing cybersecurity providers in wake of Crowdstrike outage Read More »

Degraded Performance Issue Sparks Concern Among CrowdStrike Customers

CrowdStrike, Incident Response /

Degraded Performance Issue Sparks Concern Among CrowdStrike Customers 2024-08-23 at 15:01 By Eduard Kovacs CrowdStrike has addressed a cloud service issue causing degraded performance and boot times for some of its customers.  The post Degraded Performance Issue Sparks Concern Among CrowdStrike Customers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Degraded Performance Issue Sparks Concern Among CrowdStrike Customers Read More »

Current attacks, targets, and other threat landscape trends

Cisco, cybersecurity, Don't miss, Hot stuff, Incident Response, News, report, threats, Video /

Current attacks, targets, and other threat landscape trends 2024-08-14 at 06:31 By Help Net Security In this Help Net Security video, Kendall McKay, Strategic Lead, Cyber Threat Intelligence at Cisco Talos, discusses the trends that Cisco Talos incident response observed in incident response engagements from Q2 2024, which covers April to June. While the attacks

React to this headline:

Loading spinner

Current attacks, targets, and other threat landscape trends Read More »

In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit Probe, SOCRadar Responds to Hacking Claims

In Other News, Incident Response /

In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit Probe, SOCRadar Responds to Hacking Claims 2024-08-09 at 16:31 By SecurityWeek News Noteworthy stories that might have slipped under the radar: KnowBe4 product vulnerabilities, SOCRadar responds to hacker’s claims, and SEC ends the MOVEit hack probe. The post In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit

React to this headline:

Loading spinner

In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit Probe, SOCRadar Responds to Hacking Claims Read More »

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug

CrowdStrike, exploit, Featured, Incident Response, Qihoo 360, Vulnerabilities /

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug 2024-08-08 at 20:46 By Ryan Naraine CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution. The post CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug Read More »

After the Dust Settles: Post-Incident Actions

Incident Response, Management & Strategy /

After the Dust Settles: Post-Incident Actions 2024-08-08 at 18:01 By Marc Solomon After a cybersecurity incident, what should organizations do to learn from it and improve their security posture for the future? The post After the Dust Settles: Post-Incident Actions appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

After the Dust Settles: Post-Incident Actions Read More »

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million

CrowdStrike, Delta, Featured, Incident Response, Microsoft /

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million 2024-08-07 at 05:16 By Associated Press Microsoft is trying to determine “why other airlines were able to fully restore business operations so much faster than Delta.” The post Microsoft Hits Back at Delta After the Airline Said Last

React to this headline:

Loading spinner

Microsoft Hits Back at Delta After the Airline Said Last Month’s Tech Outage Cost It $500 Million Read More »

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash

BSOD, CrowdStrike, disaster recovery, Falcon, Featured, Incident Response, Microsoft, Vulnerabilities, Windows /

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash 2024-08-06 at 21:16 By Ryan Naraine CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a “confluence” of vulnerabilities and testing gaps. The post CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash Read More »

CrowdStrike and Delta Fight Over Who’s to Blame for the Airline Canceling Thousands of Flights

CrowdStrike, Delta, Incident Response /

CrowdStrike and Delta Fight Over Who’s to Blame for the Airline Canceling Thousands of Flights 2024-08-06 at 13:16 By Associated Press CrowdStrike and Delta are fighting over who is to blame for the airline canceling thousands of flights following the massive outage. The post CrowdStrike and Delta Fight Over Who’s to Blame for the Airline

React to this headline:

Loading spinner

CrowdStrike and Delta Fight Over Who’s to Blame for the Airline Canceling Thousands of Flights Read More »

DigiCert Revoking 83,000 Certificates of 6,800 Customers

certificates, DigiCert, Incident Response /

DigiCert Revoking 83,000 Certificates of 6,800 Customers 2024-08-01 at 12:46 By Eduard Kovacs DigiCert has started revoking 83,000 certificates impacted by a validation issue, but critical infrastructure customers are asking for more time. The post DigiCert Revoking 83,000 Certificates of 6,800 Customers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

DigiCert Revoking 83,000 Certificates of 6,800 Customers Read More »

Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations

data breach, Data Breaches, healthcare, Incident Response, medical, OneBlood, Ransomware /

Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations 2024-07-31 at 21:01 By Ryan Naraine OneBlood, a non-profit blood bank serving more than 300 U.S. hospitals, has been hit by a disruptive ransomware attack. The post Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations Read More »

CrowdStrike Faces Lawsuits From Customers, Investors

CrowdStrike, Incident Response, lawsuit, Management & Strategy /

CrowdStrike Faces Lawsuits From Customers, Investors 2024-07-31 at 18:01 By Eduard Kovacs CrowdStrike is facing lawsuits from investors and customers following the incident that caused massive global outages. The post CrowdStrike Faces Lawsuits From Customers, Investors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

CrowdStrike Faces Lawsuits From Customers, Investors Read More »

DigiCert Revoking Many Certificates Due to Verification Issue

certificate, DigiCert, Incident Response, revoked /

DigiCert Revoking Many Certificates Due to Verification Issue 2024-07-31 at 13:46 By Eduard Kovacs DigiCert is immediately revoking many certificates due to a domain validation issue, which could cause disruption to sites, apps and services. The post DigiCert Revoking Many Certificates Due to Verification Issue appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

DigiCert Revoking Many Certificates Due to Verification Issue Read More »

97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses

CrowdStrike, Incident Response /

97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses 2024-07-26 at 11:17 By Eduard Kovacs CrowdStrike says 97% of Windows systems impacted by its bad update are back online, just as an insurer predicts billions in losses for major companies. The post 97% of Devices Disrupted by CrowdStrike Restored as Insurer

React to this headline:

Loading spinner

97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses Read More »

Cloud security threats CISOs need to know about

AlgoSec, Artificial Intelligence, cloud security, cybersecurity, Data Protection, Don't miss, Features, Hot stuff, Incident Response, News, opinion, vulnerability management /

Cloud security threats CISOs need to know about 2024-07-25 at 07:01 By Mirko Zorz In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data breaches, misconfiguration, insider threats, advanced persistent threats, ransomware, API

React to this headline:

Loading spinner

Cloud security threats CISOs need to know about Read More »

CrowdStrike Explains Why Bad Update Was Not Properly Tested

CrowdStrike, disaster recovery, Endpoint Security, Featured, Incident Response /

CrowdStrike Explains Why Bad Update Was Not Properly Tested 2024-07-24 at 14:16 By Eduard Kovacs CrowdStrike has shared a preliminary incident review, explaining why the update that caused global chaos was not caught by testing.  The post CrowdStrike Explains Why Bad Update Was Not Properly Tested appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

CrowdStrike Explains Why Bad Update Was Not Properly Tested Read More »

Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed

CrowdStrike, Delta, Incident Response, outage /

Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed 2024-07-24 at 05:16 By Associated Press Delta has canceled more than 5,500 flights since the outage started early Friday morning. The post Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed appeared first on

React to this headline:

Loading spinner

Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed Read More »

Canadian Startup Protexxa Attracts $10 Million Series A Financing

Artificial Intelligence, Bell Ventures, Funding/M&A, Incident Response, Protexxa, Series A /

Canadian Startup Protexxa Attracts $10 Million Series A Financing 2024-07-23 at 21:46 By Ionut Arghire Canadian cybersecurity startup Protexxa closes a $10 million Series A funding round that brings the total raised to $15 million. The post Canadian Startup Protexxa Attracts $10 Million Series A Financing appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Canadian Startup Protexxa Attracts $10 Million Series A Financing Read More »

Scroll to Top